The sweeping data breach that hit 9.4 million passengers of Cathay Pacific in March 2018 affected 102,000 Filipino passport and credit card holders, according to the National Privacy Commission (NPC).
The airline, however, only confirmed it suffered from ‘unauthorized data access’ worldwide last month.
The breakdown of the data exposed, according to the order dated Oct. 29 made public during the weekend by the NPC, is as follows:
Credit cards: 144
Other personal data: 66,000
NPC’s order stated: “There appears to be a failure on the part of Cathay to report to this Commission what it knew about the data breach at the time it confirmed unauthorized access and what the affected data fields are.”
As per NPC, personal data that were exposed in the breach include: nationalities, birth date, contact numbers, email, customer service remarks, and historical travel information, among others.
The Commission gave the airline five (5) days to submit information on the measures taken to address the breach.